Abstract

Using the URL or DOI link below will
ensure access to this page indefinitely

Based on your IP address, your paper is being delivered by:

New York, USA

Processing request.

Illinois, USA

Processing request.

Brussels, Belgium

Processing request.

Seoul, Korea

Processing request.

California, USA

Processing request.

If you have any problems downloading this paper,please click on another Download Location above, or view our FAQFile name: SSRN-id2152693. ; Size: 205K

You will receive a perfect bound, 8.5 x 11 inch, black and white printed copy of this PDF document with a glossy color cover. Currently shipping to U.S. addresses only. Your order will ship within 3 business days. For more details, view our FAQ.

Quantity:Total Price = $9.99 plus shipping (U.S. Only)

If you have any problems with this purchase, please contact us for assistance by email: Support@SSRN.com or by phone: 877-SSRNHelp (877 777 6435) in the United States, or +1 585 442 8170 outside of the United States. We are open Monday through Friday between the hours of 8:30AM and 6:00PM, United States Eastern.

When Patients Interact with EHRs: Problems of Privacy and Confidentiality

Increasing individuals’ understanding and participation in their health care is good for their health and for the health care system. So goes the argument for encouraging and enhancing technologies that allow interaction between patients and their providers, including patients’ access to their health records. With electronic health records (EHRs) and panoplies of remote communication technologies, patient access can be direct, in real-time, and interactive. These technologies include portals for patients to access their providers’ EHRs and communicate electronically with their providers, remote sensing devices for patient data to be entered directly into EHRs, and EHR capabilities that allow patients to download electronic copies of information in their EHRs.

But patient interaction with their EHRs also presents privacy and confidentiality risks. From the perspective of privacy, patients may be unaware of the extent to which information may be gleaned from them and then be available to others, including their health care providers. From a confidentiality perspective, inadequate identity proofing or authentication procedures may allow unauthorized individuals to access records. Moreover, rules governing records access by authorized personal representatives may reveal more than patients would expect or want. Use by patients of capabilities to download their records may open these records to confidentiality and security protections that are far less stringent than the protections afforded these same records in the possession of health care providers. The article concludes with suggestions for protections that can enable patients to enjoy the great advantages of participative technologies with assurance that privacy and confidentiality are respected.